def reapply_cors(request, response): """Reapply cors headers to the new response with regards to the request. We need to re-apply the CORS checks done by Cornice, in case we're recreating the response from scratch. """ service = request.current_service if service: request.info['cors_checked'] = False cors.apply_cors_post_request(service, request, response) response = cors.ensure_origin(service, request, response) else: # No existing service is concerned, and Cornice is not implied. origin = request.headers.get('Origin') if origin: settings = request.registry.settings allowed_origins = set(aslist(settings['cors_origins'])) required_origins = {'*', decode_header(origin)} if allowed_origins.intersection(required_origins): origin = encode_header(origin) response.headers['Access-Control-Allow-Origin'] = origin # Import service here because kinto.core import utils from kinto.core import Service if Service.default_cors_headers: headers = ','.join(Service.default_cors_headers) response.headers['Access-Control-Expose-Headers'] = headers return response
def reapply_cors(request, response): """Reapply cors headers to the new response with regards to the request. We need to re-apply the CORS checks done by Cornice, in case we're recreating the response from scratch. """ service = request.current_service if service: request.info["cors_checked"] = False cors.apply_cors_post_request(service, request, response) response = cors.ensure_origin(service, request, response) else: # No existing service is concerned, and Cornice is not implied. origin = request.headers.get("Origin") if origin: settings = request.registry.settings allowed_origins = set(aslist(settings["cors_origins"])) required_origins = {"*", origin} if allowed_origins.intersection(required_origins): response.headers["Access-Control-Allow-Origin"] = origin # Import service here because kinto.core import utils from kinto.core import Service if Service.default_cors_headers: # pragma: no branch headers = ",".join(Service.default_cors_headers) response.headers["Access-Control-Expose-Headers"] = headers return response
def reapply_cors(request, response): """Reapply cors headers to the new response with regards to the request. We need to re-apply the CORS checks done by Cornice, in case we're recreating the response from scratch. """ service = current_service(request) if service: request.info['cors_checked'] = False cors.apply_cors_post_request(service, request, response) response = cors.ensure_origin(service, request, response) else: # No existing service is concerned, and Cornice is not implied. origin = request.headers.get('Origin') if origin: settings = request.registry.settings allowed_origins = set(aslist(settings['cors_origins'])) required_origins = {'*', decode_header(origin)} if allowed_origins.intersection(required_origins): origin = encode_header(origin) response.headers['Access-Control-Allow-Origin'] = origin # Import service here because cliquet import utils from cliquet import Service if Service.default_cors_headers: headers = ','.join(Service.default_cors_headers) response.headers['Access-Control-Expose-Headers'] = headers return response
def _add_cors(request: pyramid.request.Request) -> None: services = request.registry.cornice_services if request.matched_route is not None: pattern = request.matched_route.pattern service = services.get(pattern, None) if service is not None: request.info['cors_checked'] = False cors.apply_cors_post_request(service, request, request.response) return _crude_add_cors(request)
def apply_filters(request, response): if request.matched_route is not None: # do some sanity checking on the response using filters services = request.registry.get('cornice_services', {}) pattern = request.matched_route.pattern service = services.get(pattern, None) if service is not None: kwargs, ob = getattr(request, "cornice_args", ({}, None)) for _filter in kwargs.get('filters', []): if is_string(_filter) and ob is not None: _filter = getattr(ob, _filter) try: response = _filter(response, request) except TypeError: response = _filter(response) if service.cors_enabled: apply_cors_post_request(service, request, response) return response
def apply_filters(request, response): if request.matched_route is not None: # do some sanity checking on the response using filters services = request.registry.cornice_services pattern = request.matched_route.pattern service = services.get(pattern, None) if service is not None: kwargs, ob = getattr(request, "cornice_args", ({}, None)) for _filter in kwargs.get('filters', []): if is_string(_filter) and ob is not None: _filter = getattr(ob, _filter) try: response = _filter(response, request) except TypeError: response = _filter(response) if service.cors_enabled: apply_cors_post_request(service, request, response) return response